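/* www.oscGold.com (C) Kamelia-Net Jacek Krysiak modul oscGold wer 4.0 */

/*
 * Controller for the "write a review" page.
 *
 * Flow:
 *   1. Bootstrap the shop and, when review validation is switched on, load
 *      the anti-robot language file and helper functions.
 *   2. Send guests to the login/registration page when only customers may
 *      write reviews.
 *   3. Load the active product named by ?products_id= (cast to int).
 *   4. On ?action=process, validate the POSTed review and anti-robot key,
 *      store the review, optionally queue reward points, and redirect.
 *   5. Otherwise fall through and render the form template.
 *
 * Security notes:
 *   - Every request-derived value is cast to int or passed through
 *     tep_db_input() at the point where it is concatenated into SQL.
 *   - Nothing here encodes the review text or the reviewer name for HTML;
 *     the pages that display reviews must escape both on output.
 *   - NOTE(review): no anti-CSRF token is checked in this file before the
 *     insert - confirm whether application_top.php enforces one.
 */
require('includes/application_top.php');

if (ACCOUNT_VALIDATION == 'true' && ACCOUNT_REVIEWS_VALIDATION == 'true') {
    // NOTE(review): $language is set outside this file and is used to build an
    // include path - confirm it is restricted to installed language names.
    require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_VALIDATION);
    include_once('includes/functions/' . FILENAME_ACCOUNT_VALIDATION);
}

// Guests may not write reviews when REVIEWS_ADD_CUSTOMERS is on: remember the
// current page and send them to registration.
if (!tep_session_is_registered('customer_id') && REVIEWS_ADD_CUSTOMERS == 'true') {
    $navigation->set_snapshot();
    tep_redirect(tep_href_link(FILENAME_LOGIN, 'act=register', 'SSL'));
}

// Only active products (products_status = 1) in the current language can be reviewed.
$product_info_query = tep_db_query(
    "select p.products_id, p.products_model, p.products_image, p.products_price, p.products_tax_class_id, pd.products_name"
    . " from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd"
    . " where p.products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "'"
    . " and p.products_status = '1'"
    . " and p.products_id = pd.products_id"
    . " and pd.language_id = '" . (int)$languages_id . "'"
);

if (!tep_db_num_rows($product_info_query)) {
    tep_redirect(tep_href_link(FILENAME_REVIEW_NOTICE, tep_get_all_get_params(array('action'))));
} else {
    $product_info = tep_db_fetch_array($product_info_query);
}

// Default reviewer name shown in the form: taken from the account for
// logged-in customers, empty for guests.
if (tep_session_is_registered('customer_id')) {
    $customer_query = tep_db_query(
        "select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS
        . " where customers_id = '" . (int)$customer_id . "'"
    );
    $customer_info = tep_db_fetch_array($customer_query);

    if (REVIEWS_NAME_CUSTOMERS == 'true') {
        $customer = tep_output_string_protected($customer_info['customers_firstname'] . ' ' . $customer_info['customers_lastname']);
    } else {
        $customer = tep_output_string_protected($customer_info['customers_firstname']);
    }

    $id_klienta = (int)$customer_id; // customer id stored with the review
} else {
    $customer = '';
    $id_klienta = 0; // 0 marks a guest review
}

if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
    $rating = tep_db_prepare_input($HTTP_POST_VARS['rating']);
    $review = tep_db_prepare_input($HTTP_POST_VARS['review']);
    // NOTE(review): the POSTed name replaces the account-derived one even for
    // logged-in customers, so the stored display name is chosen by the client
    // while customers_id still identifies the account.
    $customer = tep_db_prepare_input($HTTP_POST_VARS['customer']);

    $error = false;

    if (strlen($review) < REVIEW_TEXT_MIN_LENGTH) {
        $error = true;
        $messageStack->add('review', str_replace('*', '', JS_REVIEW_TEXT));
    }

    if (($rating < 1) || ($rating > 5)) {
        $error = true;
        $messageStack->add('review', str_replace('*', '', JS_REVIEW_RATING));
    }

    if (empty($customer)) {
        $error = true;
        $messageStack->add('review', str_replace('*', '', JS_ERROR));
    }

    if (ACCOUNT_VALIDATION == 'true' && ACCOUNT_REVIEWS_VALIDATION == 'true') {
        $antirobotreg = tep_db_prepare_input($HTTP_POST_VARS['antirobotreg']);

        // The session id is supplied by the client; escape it before it is
        // placed inside a quoted SQL literal.
        $anti_robot_session = tep_db_input(tep_session_id());

        $sql = "SELECT * FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . $anti_robot_session . "' LIMIT 1";
        if (!$result = tep_db_query($sql)) {
            $error = true;
            $entry_antirobotreg_error = true;
            $text_antirobotreg_error = ERROR_VALIDATION_1;
        } else {
            $entry_antirobotreg_error = false;
            $anti_robot_row = tep_db_fetch_array($result);

            // Normalise both sides to strings so the comparison below can be
            // strict. A loose "!=" treats numeric-looking strings such as
            // "0E12" and "0E34" as equal, which would accept a wrong key.
            $anti_robot_key = is_array($anti_robot_row) ? (string)$anti_robot_row['reg_key'] : '';
            $anti_robot_submitted = (isset($HTTP_POST_VARS['antirobotreg']) && is_string($HTTP_POST_VARS['antirobotreg']))
                ? strtoupper($HTTP_POST_VARS['antirobotreg'])
                : '';

            if (($anti_robot_submitted !== $anti_robot_key) || ($anti_robot_key === '') || (strlen($antirobotreg) != ENTRY_VALIDATION_LENGTH)) {
                // NOTE(review): the stored key is left in place after a wrong
                // answer, so the same key can be guessed at repeatedly unless
                // the code that issues keys replaces it - confirm.
                $error = true;
                $entry_antirobotreg_error = true;
                $text_antirobotreg_error = ERROR_VALIDATION_2;
            } else {
                // Correct answer: the key is single-use, remove it.
                $sql = "DELETE FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . $anti_robot_session . "'";
                if (!$result = tep_db_query($sql)) {
                    $error = true;
                    $entry_antirobotreg_error = true;
                    $text_antirobotreg_error = ERROR_VALIDATION_3;
                } else {
                    // NOTE(review): OPTIMIZE TABLE runs on every accepted
                    // submission; consider moving it to a maintenance job.
                    $sql = "OPTIMIZE TABLE " . TABLE_ANTI_ROBOT_REGISTRATION;
                    if (!$result = tep_db_query($sql)) {
                        $error = true;
                        $entry_antirobotreg_error = true;
                        $text_antirobotreg_error = ERROR_VALIDATION_4;
                    } else {
                        $entry_antirobotreg_error = false;
                    }
                }
            }
        }

        if ($entry_antirobotreg_error == true) {
            $messageStack->add('review', str_replace('*', '', $text_antirobotreg_error));
        }
    }

    if ($error == false) {
        // $customer is free text from the request. It was previously
        // concatenated into this statement without tep_db_input(), unlike
        // $rating and $review, which left the insert open to SQL injection.
        tep_db_query(
            "insert into " . TABLE_REVIEWS . " (products_id, customers_id, customers_name, reviews_rating, date_added)"
            . " values ('" . (int)$HTTP_GET_VARS['products_id'] . "', '" . (int)$id_klienta . "', '" . tep_db_input($customer) . "', '" . tep_db_input($rating) . "', now())"
        );
        $insert_id = tep_db_insert_id();

        tep_db_query(
            "insert into " . TABLE_REVIEWS_DESCRIPTION . " (reviews_id, languages_id, reviews_text)"
            . " values ('" . (int)$insert_id . "', '" . (int)$languages_id . "', '" . tep_db_input($review) . "')"
        );

        // Reward points are queued only for logged-in customers with a real id.
        if ((USE_POINTS_SYSTEM == 'true') && (tep_not_null(USE_POINTS_FOR_REVIEWS)) && tep_session_is_registered('customer_id') && (int)$customer_id > 0) {
            $points_toadd = USE_POINTS_FOR_REVIEWS;
            $comment = 'TEXT_DEFAULT_REVIEWS';
            $points_type = 'RV';
            tep_add_pending_points($customer_id, $product_info['products_id'], $points_toadd, $comment, $points_type);
        }

        tep_redirect(tep_href_link(FILENAME_REVIEW_NOTICE, tep_get_all_get_params(array('action'))));
    }
}

// Render the form (first visit, or a submission that failed validation).
$products_name = '' . $product_info['products_name'] . '';

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_PRODUCT_REVIEWS_WRITE);

$breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_PRODUCT_REVIEWS, tep_get_all_get_params()));

$content = CONTENT_PRODUCT_REVIEWS_WRITE;

include (bts_select('main', $content_template)); // BTSv1.5

require(DIR_WS_INCLUDES . 'application_bottom.php');
?>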